Which combination of the following would satisfy these requirements?
(Choose two.)
Set up domain controllers on Amazon EC2 to extend the on-premises directory to AWS.
Establish network connectivity between on-premises and the user’s VPC.
Use Amazon Cognito user pools for application authentication.
Use AD Connector for application authentication.
Set up federated sign-in to AWS through ADFS and SAML.
Explanations:
Setting up domain controllers on EC2 is an option for extending an on-premises AD to AWS but is not the recommended solution for AWS access management. It’s complex and requires additional management overhead.
Establishing network connectivity is necessary for hybrid environments but doesn’t directly address access management for AWS accounts. It is a prerequisite for other solutions but is not a solution on its own.
Amazon Cognito user pools are a suitable solution for public-facing application authentication. It can manage user sign-up, sign-in, and access control for the application.
AD Connector is used for extending on-premises AD to AWS for AWS resource access, not for public-facing application authentication. It is not suitable for the development team’s app.
Federated sign-in using ADFS and SAML allows integration of the on-premises AD with AWS for access management. This is a suitable solution for managing access to AWS resources using existing Active Directory credentials.